Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5764
Views
25
Helpful
4
Replies

"vendor ID seems Unity/DPD but major 69 mismatch"

Go to solution
CiscoPurpleBelt
Frequent Contributor
Frequent Contributor

‎02-29-2020 04:29 PM

I see "vendor ID seems Unity/DPD but major 69 mismatch" in a working debug between 2 routers for IPSEC. Not able to find info for what this means. Any help?

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Sheraz.Salim
VIP Advisor VIP Advisor
VIP Advisor

‎02-29-2020 05:01 PM

isakmp up and running. i mean phase 1 up? and so the phase2? the way you said it seems all working fine but in your debug you see vendor ID seems Unity/DPD but major 69 mismatch.

 

Dead peer detection (kind of keep alive, you there or call it a kind of control plan) is going on. however major 69 mismatch this information is optional according to IEEE this is not a mandatory unless some one prove me i am wrong this is my understand of reading the IEEE isakmp. each vendor put different attribute in isakmp heard for example cisco/juniper etc.

please do not forget to rate.

View solution in original post

Go to solution
Cristian Matei
Collaborator
Collaborator

‎03-01-2020 08:19 AM

Hi,

 

   That message is purely informational, in general. Each vendor attaches its own proprietary info in the ISAKMP packet, and that message usually means the remote side is another vendor , which means the proprietary info is kinda ignored. The IPsec tunnel should still come up.

 

Regards,

Cristian Matei.

View solution in original post

Go to solution
Sheraz.Salim
VIP Advisor VIP Advisor
VIP Advisor
In response to CiscoPurpleBelt

‎03-01-2020 11:17 PM

These above messages are for specific to vendor not binding with IEEE. Therefore they can be easily ignore. 
howerver in is is isakmp/ikev1 you only need to focus on the 4 stages here the link https://www.tunnelsup.com/isakmp-ike-phase-1-status-messages/ 

 

please do not forget to rate.

View solution in original post

4 Replies 4

Go to solution
Sheraz.Salim
VIP Advisor VIP Advisor
VIP Advisor

‎02-29-2020 05:01 PM

isakmp up and running. i mean phase 1 up? and so the phase2? the way you said it seems all working fine but in your debug you see vendor ID seems Unity/DPD but major 69 mismatch.

 

Dead peer detection (kind of keep alive, you there or call it a kind of control plan) is going on. however major 69 mismatch this information is optional according to IEEE this is not a mandatory unless some one prove me i am wrong this is my understand of reading the IEEE isakmp. each vendor put different attribute in isakmp heard for example cisco/juniper etc.

please do not forget to rate.

Go to solution
Cristian Matei
Collaborator
Collaborator

‎03-01-2020 08:19 AM

Hi,

 

   That message is purely informational, in general. Each vendor attaches its own proprietary info in the ISAKMP packet, and that message usually means the remote side is another vendor , which means the proprietary info is kinda ignored. The IPsec tunnel should still come up.

 

Regards,

Cristian Matei.

Go to solution
CiscoPurpleBelt
Frequent Contributor
Frequent Contributor
In response to Cristian Matei

‎03-01-2020 07:18 PM

Awesome great. I am getting that message in VIRL between to CSR1000v routers. Any other cause for it? Yes tunnel is still up but I am just curious.
0 Helpful

Go to solution
Sheraz.Salim
VIP Advisor VIP Advisor
VIP Advisor
In response to CiscoPurpleBelt

‎03-01-2020 11:17 PM

These above messages are for specific to vendor not binding with IEEE. Therefore they can be easily ignore. 
howerver in is is isakmp/ikev1 you only need to focus on the 4 stages here the link https://www.tunnelsup.com/isakmp-ike-phase-1-status-messages/ 

 

please do not forget to rate.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents